On Dec 12, 2014, at 08:35 AM, Andrew Stuart wrote:
>I’m writing an authenticating proxy for the Mailman REST API and want to make
>sure everything works as expected against real infrastructure
>(Postgres/Postfix/Sqlalchemy/Falcon).
We definitely want such a proxy. It's always been our intent that the core's
REST API is an adminipstrative API with full access. It should only be
exposed on localhost or other highly secure interface.
A proxy server such as you describe would be available on a public interface
and would allow people to script the management of their list memberships and
list administrations.
>I was hoping that just pointing the REST tests request port to my proxy would
>work but no dice - lots of failures - trying to diagnose the failures has led
>me back to trying to get the test suite to work against the live servers.
>>I’m wondering if maybe the shortest route here might not be for me to write a
>new set of tests which purely talk REST and don’t touch the back end directly
>at all. Except that’s not a short route. :-)
>>Trying to bend the existing tests to meet my needs is looking harder than I
>have time to deal with.
Even in this case, I wouldn't expect the standard unittests to work. For
example, if a normal user were to try to access the list admin API, you'd
expect that to fail.
I think one approach would be to continue to use the test servers, but have a
backdoor connection which would let you set up the state before each test and
reset the state after each test. Then the tests themselves would use the
authenticated API to flex the things it can and shouldn't be able to do.
It would be possible for example to expose some helper resources in the admin
API which would not normally be exposed in production. Something under a top
level /tests resource perhaps.
Cheers,
-Barry